From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.2 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS, URIBL_DBL_ABUSE_MALW,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 68382C2D0DB for ; Tue, 28 Jan 2020 23:05:14 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 09D1E2465B for ; Tue, 28 Jan 2020 23:05:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="j53IeRqB"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="cXNbbRcy" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 09D1E2465B Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-mtd-bounces+linux-mtd=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version :Message-Id:In-Reply-To:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=i4VaM4Jj7wRoc6w+i9YX5eQsQqmfaUofJ2TN++mMX/8=; b=j53IeRqBLg1sgP JTPxF8Q+r+d017ECxDeUMUSzjXWc5bV/Alx+1qcG7XqUj1W1GzBBs0prA/pApZpWvQ5mEO7mBMQbV KSE0V4tSerjgtM0KV6eOxldWyp+SO3GBsy0RSTX2CANBVfbXaP4F6szbBbzQoZlGKldQPIaDhsrzm Ke8ldtqC1gd83q2pOorKt+GS7Uv254G3eYsUI1MWK0W8AbMk/UrQcS0B3mbJXWW+XpPr/RxUQ75s1 LnYb7aNrY5bkzhfq3xF+Hi85jXA0wB1yN5evc0Q0FjXbUMr+c/tbiWfTkoafz8Hzg10Lqn2Zv6MH3 kOrok0KbVqiaSPAbAALg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwZuk-0003Yy-Rq; Tue, 28 Jan 2020 23:04:58 +0000 Received: from mail-yw1-xc4a.google.com ([2607:f8b0:4864:20::c4a]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwZuH-000311-4T for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 23:04:31 +0000 Received: by mail-yw1-xc4a.google.com with SMTP id q187so11832856ywg.12 for ; Tue, 28 Jan 2020 15:04:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=mElFIdvBM3FgdGB0giYU6HDPGvPw1H28aWg24e0T+3U=; b=cXNbbRcyrelz0jOl2nvYUhZR0khX1j2sYss4IC893Ev8GOU2MebqbJTfvBhbyQsJh2 xkh1fFXfE6QPtT8hh9oEQ3DhgBSMIXqRJigLbQth/siAHkrARXTlwFCtgAl1MVhXRq77 r9EJaH4xPCIvmzuMI4QPhWTwdJZUapVVwWWASS0hURiDh9ueheQefkmcBW7GF3KQAKCn 5xKOXlOg4AmIt8DVUvuMbj/qZ8FuWqKeqKSwbLYcx+B2lO11AyycX+c/WSOsJDylbYLX Dr5/siXnPwfQJc7htzkSbkKzrWiV1Hyb6VnBCQlBIcgKyCoXBmXSzU2dbeFyOjoRXDAv Mmeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=mElFIdvBM3FgdGB0giYU6HDPGvPw1H28aWg24e0T+3U=; b=fH6IEgZ0AZA7osH1wPgDICvuRPIOdQC2qG4dYOSghcMSCqf3zoiPJClBuFNB3nRMcD bIWAZuNNHG0haHHt/1DYzOlYpVFod+NoBKWlHvqamaP06GzTAfQoXqSht59bh3ac6+lF NKnFMOzTWjsLqX8NlNo6JjO8/3T65k0VfVPyK5mfPHbC/S5SE3/mVi5ZmqAFuQ45uzob wSzYgQxa5ReLHGJ4xAohaaoPv9hTAQbO2uxSx3WpAnOMD43SPUFdCLCfMJibPOW0mkMJ dYG2pMFkaR9IWC1ZF4GwAcmMj3wTLErNChZSmewMn4wTJZASG7J3LRoTXsqPBXcrQWAz MwPA== X-Gm-Message-State: APjAAAUpXWA/vdxLRIh/5pPnjj+TWpVPKpPHZbi1Y3w3Qu7YgCO6US/Z BUuZOY+4XatSxDabG9fXQQQTnyWuDgM= X-Google-Smtp-Source: APXvYqzug8KWZlPUy3/Yz2b4ek47NyWDHtbXlwYF/G5a0Yo/bopE+QqltsTeIVVMCdKPONoQ0Y2jppnMi8o= X-Received: by 2002:a81:6fd4:: with SMTP id k203mr17341377ywc.370.1580252667044; Tue, 28 Jan 2020 15:04:27 -0800 (PST) Date: Tue, 28 Jan 2020 15:03:25 -0800 In-Reply-To: <20200128230328.183524-1-drosen@google.com> Message-Id: <20200128230328.183524-3-drosen@google.com> Mime-Version: 1.0 References: <20200128230328.183524-1-drosen@google.com> X-Mailer: git-send-email 2.25.0.341.g760bfbb309-goog Subject: [PATCH v6 2/5] fscrypt: Have filesystems handle their d_ops From: Daniel Rosenberg To: "Theodore Ts'o" , linux-ext4@vger.kernel.org, Jaegeuk Kim , Chao Yu , linux-f2fs-devel@lists.sourceforge.net, Eric Biggers , linux-fscrypt@vger.kernel.org, Alexander Viro , Richard Weinberger X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_150429_183564_0D57357B X-CRM114-Status: GOOD ( 17.16 ) X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Daniel Rosenberg , linux-doc@vger.kernel.org, kernel-team@android.com, Jonathan Corbet , linux-kernel@vger.kernel.org, Andreas Dilger , linux-fsdevel@vger.kernel.org, linux-mtd@lists.infradead.org, Gabriel Krisman Bertazi Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-mtd" Errors-To: linux-mtd-bounces+linux-mtd=archiver.kernel.org@lists.infradead.org This shifts the responsibility of setting up dentry operations from fscrypt to the individual filesystems, allowing them to have their own operations while still setting fscrypt's d_revalidate as appropriate. Signed-off-by: Daniel Rosenberg --- Should the d_op setting functions go into fs/libfs.c? fs/crypto/fname.c | 7 ++----- fs/crypto/fscrypt_private.h | 1 - fs/crypto/hooks.c | 1 - fs/ext4/dir.c | 38 ++++++++++++++++++++++++++++++++++++- fs/ext4/ext4.h | 1 + fs/ext4/namei.c | 1 + fs/ext4/super.c | 5 ----- fs/f2fs/dir.c | 38 ++++++++++++++++++++++++++++++++++++- fs/f2fs/f2fs.h | 4 +--- fs/f2fs/namei.c | 1 + fs/f2fs/super.c | 1 - fs/ubifs/dir.c | 18 ++++++++++++++++++ include/linux/fscrypt.h | 6 ++++-- 13 files changed, 102 insertions(+), 20 deletions(-) diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c index 4c212442a8f7f..14c585f66f8da 100644 --- a/fs/crypto/fname.c +++ b/fs/crypto/fname.c @@ -543,7 +543,7 @@ EXPORT_SYMBOL_GPL(fscrypt_fname_siphash); * Validate dentries in encrypted directories to make sure we aren't potentially * caching stale dentries after a key has been added. */ -static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) +int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) { struct dentry *dir; int err; @@ -582,7 +582,4 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) return valid; } - -const struct dentry_operations fscrypt_d_ops = { - .d_revalidate = fscrypt_d_revalidate, -}; +EXPORT_SYMBOL(fscrypt_d_revalidate); diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h index 9aae851409e55..238075fcabb3e 100644 --- a/fs/crypto/fscrypt_private.h +++ b/fs/crypto/fscrypt_private.h @@ -250,7 +250,6 @@ extern int fscrypt_fname_encrypt(const struct inode *inode, extern bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len, u32 max_len, u32 *encrypted_len_ret); -extern const struct dentry_operations fscrypt_d_ops; /* hkdf.c */ diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c index 5ef861742921c..604a028dee25a 100644 --- a/fs/crypto/hooks.c +++ b/fs/crypto/hooks.c @@ -118,7 +118,6 @@ int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry, spin_lock(&dentry->d_lock); dentry->d_flags |= DCACHE_ENCRYPTED_NAME; spin_unlock(&dentry->d_lock); - d_set_d_op(dentry, &fscrypt_d_ops); } return err; } diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index e9f7c32089dfc..c98c788301e9c 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -668,8 +668,44 @@ const struct file_operations ext4_dir_operations = { }; #ifdef CONFIG_UNICODE -const struct dentry_operations ext4_dentry_ops = { +static const struct dentry_operations ext4_ci_dentry_ops = { .d_hash = utf8_ci_d_hash, .d_compare = utf8_ci_d_compare, }; #endif + +#ifdef CONFIG_FS_ENCRYPTION +static const struct dentry_operations ext4_encrypted_dentry_ops = { + .d_revalidate = fscrypt_d_revalidate, +}; +#endif + +#if IS_ENABLED(CONFIG_UNICODE) && IS_ENABLED(CONFIG_FS_ENCRYPTION) +static const struct dentry_operations ext4_encrypted_ci_dentry_ops = { + .d_hash = utf8_ci_d_hash, + .d_compare = utf8_ci_d_compare, + .d_revalidate = fscrypt_d_revalidate, +}; +#endif + +void ext4_set_d_ops(struct inode *dir, struct dentry *dentry) +{ +#ifdef CONFIG_FS_ENCRYPTION + if (dentry->d_flags & DCACHE_ENCRYPTED_NAME) { +#ifdef CONFIG_UNICODE + if (dir->i_sb->s_encoding) { + d_set_d_op(dentry, &ext4_encrypted_ci_dentry_ops); + return; + } +#endif + d_set_d_op(dentry, &ext4_encrypted_dentry_ops); + return; + } +#endif +#ifdef CONFIG_UNICODE + if (dir->i_sb->s_encoding) { + d_set_d_op(dentry, &ext4_ci_dentry_ops); + return; + } +#endif +} diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 3162ef2e53d46..9dc0e2c6f7d7c 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -2494,6 +2494,7 @@ static inline unsigned char get_dtype(struct super_block *sb, int filetype) } extern int ext4_check_all_de(struct inode *dir, struct buffer_head *bh, void *buf, int buf_size); +void ext4_set_d_ops(struct inode *dir, struct dentry *dentry); /* fsync.c */ extern int ext4_sync_file(struct file *, loff_t, loff_t, int); diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 7f4e625ab2f9b..80b5cc41851f3 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -1608,6 +1608,7 @@ static struct buffer_head *ext4_lookup_entry(struct inode *dir, struct buffer_head *bh; err = ext4_fname_prepare_lookup(dir, dentry, &fname); + ext4_set_d_ops(dir, dentry); if (err == -ENOENT) return NULL; if (err) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index b7e9f0310ec23..11584bdc3e237 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -4497,11 +4497,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) goto failed_mount4; } -#ifdef CONFIG_UNICODE - if (sbi->s_encoding) - sb->s_d_op = &ext4_dentry_ops; -#endif - sb->s_root = d_make_root(root); if (!sb->s_root) { ext4_msg(sb, KERN_ERR, "get root dentry failed"); diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index a1dd9939e20bf..f1e7dc4ae5256 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -1065,8 +1065,44 @@ const struct file_operations f2fs_dir_operations = { }; #ifdef CONFIG_UNICODE -const struct dentry_operations f2fs_dentry_ops = { +static const struct dentry_operations f2fs_ci_dentry_ops = { .d_hash = utf8_ci_d_hash, .d_compare = utf8_ci_d_compare, }; #endif + +#ifdef CONFIG_FS_ENCRYPTION +static const struct dentry_operations f2fs_encrypted_dentry_ops = { + .d_revalidate = fscrypt_d_revalidate, +}; +#endif + +#if IS_ENABLED(CONFIG_UNICODE) && IS_ENABLED(CONFIG_FS_ENCRYPTION) +static const struct dentry_operations f2fs_encrypted_ci_dentry_ops = { + .d_hash = utf8_ci_d_hash, + .d_compare = utf8_ci_d_compare, + .d_revalidate = fscrypt_d_revalidate, +}; +#endif + +void f2fs_set_d_ops(struct inode *dir, struct dentry *dentry) +{ +#ifdef CONFIG_FS_ENCRYPTION + if (dentry->d_flags & DCACHE_ENCRYPTED_NAME) { +#ifdef CONFIG_UNICODE + if (dir->i_sb->s_encoding) { + d_set_d_op(dentry, &f2fs_encrypted_ci_dentry_ops); + return; + } +#endif + d_set_d_op(dentry, &f2fs_encrypted_dentry_ops); + return; + } +#endif +#ifdef CONFIG_UNICODE + if (dir->i_sb->s_encoding) { + d_set_d_op(dentry, &f2fs_ci_dentry_ops); + return; + } +#endif +} diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 9f302de477022..cc767dd4d5352 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -3017,6 +3017,7 @@ static inline int f2fs_add_link(struct dentry *dentry, struct inode *inode) return f2fs_do_add_link(d_inode(dentry->d_parent), &dentry->d_name, inode, inode->i_ino, inode->i_mode); } +void f2fs_set_d_ops(struct inode *dir, struct dentry *dentry); /* * super.c @@ -3481,9 +3482,6 @@ static inline void f2fs_destroy_root_stats(void) { } #endif extern const struct file_operations f2fs_dir_operations; -#ifdef CONFIG_UNICODE -extern const struct dentry_operations f2fs_dentry_ops; -#endif extern const struct file_operations f2fs_file_operations; extern const struct inode_operations f2fs_file_inode_operations; extern const struct address_space_operations f2fs_dblock_aops; diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c index a1c507b0b4ac4..47095578aeea1 100644 --- a/fs/f2fs/namei.c +++ b/fs/f2fs/namei.c @@ -443,6 +443,7 @@ static struct dentry *f2fs_lookup(struct inode *dir, struct dentry *dentry, } err = fscrypt_prepare_lookup(dir, dentry, &fname); + f2fs_set_d_ops(dir, dentry); if (err == -ENOENT) goto out_splice; if (err) diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 5de587f20ed35..0f7ef0896655a 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -3169,7 +3169,6 @@ static int f2fs_setup_casefold(struct f2fs_sb_info *sbi) sbi->sb->s_encoding = encoding; sbi->sb->s_encoding_flags = encoding_flags; - sbi->sb->s_d_op = &f2fs_dentry_ops; } #else if (f2fs_sb_has_casefold(sbi)) { diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index ef85ec167a843..f3c96d99c0514 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -196,6 +196,7 @@ static int dbg_check_name(const struct ubifs_info *c, return 0; } +static void ubifs_set_d_ops(struct inode *dir, struct dentry *dentry); static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) { @@ -209,6 +210,7 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); err = fscrypt_prepare_lookup(dir, dentry, &nm); + ubifs_set_d_ops(dir, dentry); if (err == -ENOENT) return d_splice_alias(NULL, dentry); if (err) @@ -1655,3 +1657,19 @@ const struct file_operations ubifs_dir_operations = { .compat_ioctl = ubifs_compat_ioctl, #endif }; + +#ifdef CONFIG_FS_ENCRYPTION +static const struct dentry_operations ubifs_encrypted_dentry_ops = { + .d_revalidate = fscrypt_d_revalidate, +}; +#endif + +static void ubifs_set_d_ops(struct inode *dir, struct dentry *dentry) +{ +#ifdef CONFIG_FS_ENCRYPTION + if (dentry->d_flags & DCACHE_ENCRYPTED_NAME) { + d_set_d_op(dentry, &ubifs_encrypted_dentry_ops); + return; + } +#endif +} diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index 556f4adf5dc58..340ef5b88772f 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h @@ -134,6 +134,7 @@ static inline struct page *fscrypt_pagecache_page(struct page *bounce_page) } extern void fscrypt_free_bounce_page(struct page *bounce_page); +extern int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags); /* policy.c */ extern int fscrypt_ioctl_set_policy(struct file *, const void __user *); @@ -595,8 +596,9 @@ static inline int fscrypt_prepare_rename(struct inode *old_dir, * filenames are presented in encrypted form. Therefore, we'll try to set up * the directory's encryption key, but even without it the lookup can continue. * - * This also installs a custom ->d_revalidate() method which will invalidate the - * dentry if it was created without the key and the key is later added. + * After calling this function, a filesystem should ensure that it's dentry + * operations contain fscrypt_d_revalidate if DCACHE_ENCRYPTED_NAME was set, + * so that the dentry can be invalidated if the key is later added. * * Return: 0 on success; -ENOENT if key is unavailable but the filename isn't a * correctly formed encoded ciphertext name, so a negative dentry should be -- 2.25.0.341.g760bfbb309-goog ______________________________________________________ Linux MTD discussion mailing list http://lists.infradead.org/mailman/listinfo/linux-mtd/